Google wants to replace traditional passwords on Android with “trust scores,” and it is planning to do it by 2017. The announcement was officialized at the Google I/O conference, the IT giant intends to use Google’s Trust API technology developed by the Advanced Technology and Projects division to create a trust score.
Google will use a number of metrics, such as typing speed, facial recognition, vocal inflexions, vocal patterns, and proximity to familiar Bluetooth devices and Wi-Fi hotspots to calculate the score.
The new authentication process leverages on a scale of trust level, low trust score will allow the execution of operation with low privileges, high score to execute sensitive applications, such as banking and webmail.
A high score will be assigned by matching biometric information and location-based data.
“We have a phone, and these phones have all these sensors in them,” explained Daniel Kaufman. “Why couldn’t it just know who I was, so I don’t need a password? It should just be able to work.” Trust API would use a variety of metrics to calculate a “Trust Score,” which is essentially, its belief that you are who you are supposed to be.”
Kaufman believes Trust API could be completely rolled out before the end of 2016 allowing Google to reach its ambitious goal.
Security experts are working to improve the user experience trying to improve the level of security, they see a future in which authentication processes will be implemented without passwords, and biometric authentication is a game changer.
https://www.surveymonkey.com/r/secbloggerwards2016
Thank you
Pierluigi
[adrotate banner=”9″]
(Security Affairs – trust scores, authentication)